2005-10-17 01:52:25

by David Leppik

Subject: PROBLEM: memory leak in LIST_*, TAILQ_* man page

My apologies if this is the wrong mailing list; I didn't find a better one.

The man page for TAILQ_REMOVE, etc. contains the following sample code:

    while (head.tqh_first != NULL)
        TAILQ_REMOVE(&head, head.tqh_first, entries);

I checked /usr/include/sys/queue.h and, sure enough, TAILQ_REMOVE doesn't free
head.tqh_first. Nor should it-- this isn't Objective-C, after all. :-)

It should be something like:

    while (head.tqh_first != NULL) {
        np = head.tqh_first;
        TAILQ_REMOVE(&head, np, entries);
        free(np);
    }


The same bug is repeated for all the data structures in this man page.


In this day and age of Java, C#, and Objective-C programmers, kids these days
are less likely to remember to clean up after themselves. Therefore it was
particularly jarring to find this bug. Ten years ago I might have laughed it
off. That's probably why it's been around for so long.

David


2005-10-17 02:18:48

by YOSHIFUJI Hideaki

Subject: [OT] Re: PROBLEM: memory leak in LIST_*, TAILQ_* man page

In article <[email protected]> (at Sun, 16 Oct 2005 20:50:49 -0500), David Leppik <[email protected]> says:

> The man page for TAILQ_REMOVE, etc. contains the following sample code:
>
>     while (head.tqh_first != NULL)
>         TAILQ_REMOVE(&head, head.tqh_first, entries);
>
> I checked /usr/include/sys/queue.h and, sure enough, TAILQ_REMOVE doesn't free
> head.tqh_first. Nor should it-- this isn't Objective-C, after all. :-)
>
> It should be something like:
>
>     while (head.tqh_first != NULL) {
>         np = head.tqh_first;
>         TAILQ_REMOVE(&head, np, entries);
>         free(np);
>     }

Wrong. People do not always destroy the item removed
from the list, I think.

--yoshfuji
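
Both cases argued in this thread, as an added example (not code from either message or from the man page): unlinking elements without freeing them because another list takes ownership, and draining a TAILQ while freeing each element. The struct entry type, the live counter and the function names are assumptions made for the illustration.

```c
#include <stdlib.h>
#include <sys/queue.h>
/* Hypothetical element type; "entries" matches the field name in the thread. */
struct entry {
    int value;
    TAILQ_ENTRY(entry) entries;
};
TAILQ_HEAD(tailhead, entry);
static int live; /* constructed counter: allocations not yet freed */

static void push(struct tailhead *h, int v) {
    struct entry *np = malloc(sizeof(*np));
    if (np == NULL) abort();
    np->value = v;
    TAILQ_INSERT_TAIL(h, np, entries);
    live++;
}

/* Destroy the list: unlink each element, then free it. */
static void drain_free(struct tailhead *h) {
    struct entry *np;
    while ((np = h->tqh_first) != NULL) {
        TAILQ_REMOVE(h, np, entries);
        free(np);
        live--;
    }
}

/* Unlink without freeing: correct here because "to" takes ownership. */
static void move_all(struct tailhead *from, struct tailhead *to) {
    struct entry *np;
    while ((np = from->tqh_first) != NULL) {
        TAILQ_REMOVE(from, np, entries);
        TAILQ_INSERT_TAIL(to, np, entries);
    }
}

/* Returns (live after move) * 10 + (live after drain). */
int demo(void) {
    struct tailhead a, b;
    TAILQ_INIT(&a); TAILQ_INIT(&b);
    for (int i = 0; i < 3; i++) push(&a, i);
    move_all(&a, &b);          /* a is now empty, nothing was freed */
    int after_move = live;     /* 3: the elements are still reachable via b */
    drain_free(&b);            /* last owner: free here or leak */
    return after_move * 10 + live;
}

int main(void) { return demo() == 30 ? 0 : 1; }
```

Whether an unlinked element must be freed depends on whether any other reference to it survives the TAILQ_REMOVE; in drain_free none does, so skipping the free() there would leak all three allocations.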